Changes between Version 1 and Version 2 of CVE-2023-46850


Ignore:
Timestamp:
11/09/23 15:23:33 (10 months ago)
Author:
novaflash
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • CVE-2023-46850

    v1 v2  
    1 = CVE-2023-46849: Incorrect use of send buffer causes memory to be sent to peer
     1= CVE-2023-46850: Incorrect use of send buffer causes memory to be sent to peer
    22
    33OpenVPN 2.6 from v2.6.0 up to and including v.2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue.